Cybersecurity Exam Professor Oliver
Which of the following is the most accurate description of Usenet?
A global collection of bulletin boards
Using the __________ cipher you choose some number by which to shift each letter of a text.
ASCII
In 2021, the water treatment facility in Oldsmar, FL, which is just north of Tampa, was hit by a ransomware attack. Specifically, this is an example of a(n)?
Attack on a SCADA system
The process to make a system as secure as it can be without adding on specialized software or equipment is _______________
Hardening
The virus scanning technique that uses rules to determine if a program behaves like a virus is _________ scanning
Heuristic
The Mean Squared Deviation (MSD) formula gives us insight into
How any system diverges from expectations
Which of the following is the correct term for simply making your system less attractive to attackers?
Intrusion deterrence
Why do you not want too much personal data about you on the Internet?
It might be used by an identity thief to impersonate you
Using asymmetric encryption, I want to encrypt a message I'm sending to you. So I will obtain your ______ key, which is available to anyone, to encrypt the message, and you will use your ______ key to read it.
Public, private
The rule that packets not originating from inside your LAN should not be forwarded relates to ___________.
Routers
This type of diagram shows how objects interact over time.
Security Sequence diagram
All employees should receive a copy of the company's __________ policies
Security/acceptable use
Which of the following is a step you might take for large networks but not for smaller networks?
Segment the network with firewalls between the segments
Which of the following best describes the communication goal of any intelligence agency?
To send clear communications to allies and noise only to the enemy
What is the most appropriate tool for capturing the requirements of any security process or system?
Traceability matrix
Which of these is NOT a type of symmetric algorithm?
Transcription
A digital signature is used to guarantee who sent a message. This is referred to as nonrepudiation.
True
Cipher text is encrypted text.
True
Kerberos is an authentication protocol that uses a ticket granting system that sends an encrypted ticket to the user's machine.
True
One reason allowing a user to change the desktop configuration poses a security problem is that to change a desktop the user must also be given rights to change other system settings
True
What type of diagram is used to show how any entity might interact with a system?
Use-Case diagram
Passwords, Internet use, email attachments, software installation, instant messaging, and desktop configuration are areas of ______.
User policies
The ____________ contains a list of USB devices that have been connected to the machine.
Windows Registry
This lists all of the USB devices that have been connected to a Windows PC
Windows registry
This systems engineering tool is a diagram that is also used in Systems Analysis and Design; it takes a large process and divides it into smaller, manageable processes
Work Breakdown Structure (WBS)
It would be advisable to obtain __________ before running a background check on any person.
Written permission
In the Unified Modeling Language, an activity to be performed is represented b
an oval
John the Ripper used passlist to crack the passwords for elmo, Oscar, lisa, and homer. Why did we use this passlist file?
because this file included the passwords we assigned the four users
Reliability analysis can be applied to cybersecurity engineering. It is the process of
determining how dependable a system is
When we used the the Hashcat program, what is in the nthashes file?
hashes of passwords for each userid
In Part 2.2 of the lab, you created a NAT Port Forward rule. In general, such a rule as we created it:
redirects packets to the Ubuntu machine
To determine how many "hops" or routers a packet will take from the source computer to its destination, you would key in the _______ command on a ______ machine.
traceroute; Linux
A screening firewall works in the application layer of the OSI model.
False
IPsec can only encrypt the packet data but not the header information.
False
Linux and Windows typically are not shipped with firewalls
False
Snort is an open-source firewall.
False
The Windows command fc lists all active sessions to the computer.
False
You may use Linux to make a ______________ of the hard drive
Forensically valid copy
Which of these is NOT one of the two basic types of cryptography?
Forward
Pedro is examining a Windows 7 computer. He has extracted the index.dat file and is examining that file. What is in the Index.dat file?
General Internet history, file browsing history, and so on for a Windows machine
Any _________ you do not explicitly need should be shut down.
Ports
Which of the following is the most helpful data you might get from Usenet on a person you are investigating?
Postings by the individual you are investigating
Documentation of every person who had access to evidence, how they interacted with it, and where it was stored is called the ________________.
Chain of custody
Which of the following cybersecurity activities would be most accurately described as engineering?
Creating a requirements traceability matrix
__________ is the art to write in or decipher secret code.
Cryptography
A _________ involves setting up two firewalls: an outer and an inner firewall.
DMZ (demilitarized zone)
The plan to return a business to full normal operations is ____________
DRP
Sending a false message with weak encryption, intending it to be intercepted and deciphered, is an example of what?
Disinformation
Which of the following is a cyber attack that would likely cause imminent loss of life?
Disruption of security systems
In which firewall configuration is the firewall running on a server with at least two network interfaces?
Dual-homed host
__________ is the most obvious reason for organizations to provide their users with Internet access.
With asymmetric cryptography a different ______ is used to encrypt the message and to decrypt the message.
Key
Which of the following is more likely to be a result of fraud than a cyber attack?
Money stolen from accounts
What is the preferred method for storing backups?
Offsite in a secure location
Probing your network for security flaws should occur once a quarter, and a complete audit of your security should be completed ________ per year.
Once
Command that reveals the secret message hidden within an image.
Steghide
Which modeling language is used by systems engineers?
SysML
Procedures for adding users, removing users, and dealing with security issues are examples of ___________ policies.
System administration
A file that stays in memory after it executes is a(n) _____________.
Terminate and Stay Resident program
Frequently the first responder to a computer crime is ________.
The network administrator
What is the primary advantage to using a commercial web search service?
They can get the information faster than you can
